SecurityTracker.com
SecurityTracker Archives

Category: Application (Web Browser) > Mozilla Firefox
Vendors: Mozilla.org

Mozilla Firefox Bugs Let Remote Users Bypass Same-Domain Controls and Spoof URLs

SecurityTracker Alert ID: 1024226
SecurityTracker URL: http://securitytracker.com/id/1024226
CVE Reference: CVE-2010-0654, CVE-2010-1206, CVE-2010-1207, CVE-2010-1210, CVE-2010-1213, CVE-2010-2751, CVE-2010-2754
Updated: Jul 21 2010
Original Entry Date: Jul 21 2010
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Modification of system information
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 3.5.11, prior to 3.6.7

Description: Several vulnerabilities were reported in Mozilla Firefox. A remote user can bypass same-site domain controls. A remote user can spoof URLs in the address bar.

A remote user can exploit the Web Worker method importScripts to read and parse resources from other domains [CVE-2010-1213]. Mozilla SeaMonkey is affected. Yosuke Hasegawa reported this vulnerability.

A remote user can exploit a canvas element to read data from another site [CVE-2010-1207]. Mozilla developer Vladimir Vukicevic reported this vulnerability.

A remote user can use specially crafted 8-bit character encodings to cause certain characters not to be displayed [CVE-2010-1210]. This can be exploited to conduct cross-site scripting and other attacks. O. Andersen reported this vulnerability.

A remote user can open a new window that contains a resource that responds with an HTTP 204 (no content) and then use the reference to the new window to insert HTML content into the blank document. A remote user can also open a new window and then call window.stop() before the document is loaded. These methods allow the remote user to spoof the location bar [CVE-2010-1206]. Mozilla SeaMonkey is affected. Google security researcher Michal Zalewski reported this vulnerability.

A remote user can redirect a request for a plaintext resource to another resource that is protected by a valid SSL/TLS certificate and then make a second request to the original plaintext resource with a response containing JavaScript history.back() and history.forward() calls, causing the plaintext resource to be displayed with valid SSL/TLS badging in the location bar [CVE-2010-2751]. Mozilla SeaMonkey is affected. Jordi Chancel reported this vulnerability.

A remote user that can inject bogus CSS selectors into a target site and then retrieve the data using JavaScript APIs can obtain data from a different domain [CVE-2010-0654]. Mozilla SeaMonkey is affected. Google security researcher Chris Evans reported this vulnerability.

A remote user can trigger script errors in which the script filename and line number are included in the error message, and thereby obtain potentially sensitive URL parameters from other domains [CVE-2010-2754]. Mozilla SeaMonkey is affected. Soroush Dalili reported this vulnerability.

Impact: A remote user can bypass same-site domain controls.

A remote user can spoof URLs in the address bar.

Solution: The vendor has issued a fix (3.5.11, 3.6.7).

The vendor's advisories are available at:

http://www.mozilla.org/security/announce/2010/mfsa2010-42.html
http://www.mozilla.org/security/announce/2010/mfsa2010-43.html
http://www.mozilla.org/security/announce/2010/mfsa2010-44.html
http://www.mozilla.org/security/announce/2010/mfsa2010-45.html
http://www.mozilla.org/security/announce/2010/mfsa2010-46.html
http://www.mozilla.org/security/announce/2010/mfsa2010-47.html

Vendor URL: www.mozilla.org/security/announce/2010/mfsa2010-42.html
Cause: Access control error, Input validation error, State error
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)

Message History: This archive entry has one or more follow-up message(s) listed below.
Jul 21 2010 (Red Hat Issues Fix) Mozilla Firefox Bugs Let Remote Users Bypass Same-Domain Controls and Spoof URLs
Red Hat has issued a fix for Red Hat Enterprise Linux 4 and 5.
Jul 21 2010 (Red Hat Issues Fix for SeaMonkey) Mozilla Firefox Bugs Let Remote Users Bypass Same-Domain Controls and Spoof URLs
Red Hat has issued a fix for SeaMonkey for CVE-2010-2751 and CVE-2010-2754 for Red Hat Enterprise Linux 3 and 4.



Source Message Contents

[Original Message Not Available for Viewing]

Copyright 2019, SecurityGlobal.net LLC